IN THE CLAIMS



Please cancel claims 1, 5, 7, 11, 13 and 17 without prejudice or disclaimer. 

Please amend claims 2-4, 6, 8-10, 12, 14-16 and 18-22 as indicated below. 

This listing of claims will replace all prior versions, and listings, of claims in 
the application. 

Listing of Claims: 

Claim 1 (cancelled) 

Claim 2 (currently amended) [[A method as claimed in claim 1]] A method for initializing a first device distributed with an embedded radio module using a server, said server having an embedded radio module, said method comprising the steps of:

sending an inquiry from said server to said first device using said embedded radio modules;

returning, from said first device, a unique device identifier of said first device, to said server;

creating, at said server, a public key, private key pair for said first device;

creating, at said server, a device certificate for said first device, said device certificate having a unique hardware identifier associated with said first device and a public key associated with said first device;

transmitting said private key, and said device certificate, and a public key of a Certificate Authority which signed said device certificate, to said first device; and

storing said private key in non-removable protected storage at said first device;

wherein said protected storage is write-only storage able to perform computations involving previously-written data.

Claim 3 (currently amended) A method as claimed in claim [[1]] 2 wherein a copy of said certificate is stored in an enterprise database.






CR9-99-045 



PATENT 



Claim 4 (currently amended) A method as claimed in claim [[1]] 2 wherein a copy of said certificate is stored in an LDAP directory.

Claim 5 (cancelled) 

Claim 6 (currently amended) [[A method as claimed in claim 5]] A method for initializing a first device distributed with an embedded radio module using a server, said server having an embedded radio module, said method comprising the steps of:

sending an inquiry from said server to said first device using said embedded radio modules;

creating, at said first device, a public key, private key pair for said first device;

storing, at said first device, said private key in non-removable protected storage;

returning, from said first device, a unique device identifier and said public key of said first device, to said server;

creating, at said server, a device certificate for said first device, said device certificate having said device identifier and said public key; and

transmitting said device certificate and a public key of a Certificate Authority which signed said device certificate to said first device;

wherein said protected storage is a write-only storage able to perform computations involving previously-written data.

Claim 7 (cancelled) 

Claim 8 (currently amended) [[A system as claimed in claim 7]] A system for initializing a first device distributed with an embedded radio module using a server, said server having an embedded radio module, said system comprising:

a communications mechanism for sending an inquiry from said server to said first device using said embedded radio modules, and returning, from said first device, a unique device identifier of said first device, to said server;

a processor at said server for creating a public key, private key pair for said first device; and

a device certificate, created at said server, for said first device, said device certificate having a unique hardware identifier associated with said first device and a public key associated with said first device;

wherein said communications mechanism transmits said private key, and said device certificate, and a public key of a Certificate Authority which signed said device certificate, to said first device; and, said processor stores said private key in non-removable protected storage at said first device;

wherein said protected storage is write-only storage able to perform computations involving previously-written data.

Claim 9 (currently amended) A system as claimed in claim [[7]] 8 wherein a copy of said certificate is stored in an enterprise database.

Claim 10 (currently amended) A system as claimed in claim [[7]] 8 wherein a copy of said certificate is stored in an LDAP directory.

Claim 11 (cancelled)



Claim 12 (currently amended) [[A system as claimed in claim 11]] An initialization system, said system comprising:

a first device, said first device having an embedded radio module;

a server, said server having an embedded radio module;

a communications mechanism, said communications mechanism sending an inquiry from said server to said first device using said embedded radio modules;

wherein said first device creates a public key, private key pair for said first device, stores said private key in non-removable protected storage, and returns a unique device identifier and said public key of said first device, to said server;

said server creates a device certificate for said first device, said device certificate having said device identifier and said public key; and transmits said device certificate and a public key of a Certificate Authority which signed said device certificate to said first device;

wherein said protected storage is a write-only storage able to perform computations involving previously-written data.

Claim 13 (cancelled) 

Claim 14 (currently amended) [[The computer program product as claimed in claim 13]] A computer program product embodied in a machine readable medium for initializing a first device distributed with an embedded radio module using a server, said server having an embedded radio module, wherein said computer program product comprises the programming steps of:

sending an inquiry from said server to said first device using said embedded radio modules;

returning, from said first device, a unique device identifier of said first device, to said server;

creating, at said server, a public key, private key pair for said first device;

creating, at said server, a device certificate for said first device, said device certificate having a unique hardware identifier associated with said first device and a public key associated with said first device;

transmitting said private key, and said device certificate, and a public key of a Certificate Authority which signed said device certificate, to said first device; and

storing said private key in non-removable protected storage at said first device;

wherein said protected storage is write-only storage able to perform computations involving previously-written data.

Claim 15 (currently amended) The computer program product as claimed in claim [[13]] 14 wherein a copy of said certificate is stored in an enterprise database.

Claim 16 (currently amended) The computer program product as claimed in claim [[13]] 14 wherein a copy of said certificate is stored in an LDAP directory.

Claim 17 (cancelled) 

Claim 18 (currently amended) [[The computer program product as claimed in claim 17]] A computer program product embodied in a machine readable medium for initializing a first device distributed with an embedded radio module using a server, said server having an embedded radio module, wherein said computer program product comprises the programming steps of:

sending an inquiry from said server to said first device using said embedded radio modules;

creating, at said first device, a public key, private key pair for said first device;

storing, at said first device, said private key in non-removable protected storage;

returning, from said first device, a unique device identifier and said public key of said first device, to said server;

creating, at said server, a device certificate for said first device, said device certificate having said device identifier and said public key; and

transmitting said device certificate and a public key of a Certificate Authority which signed said device certificate to said first device;

wherein said protected storage is a write-only storage able to perform computations involving previously-written data.

Claim 19 (currently amended) The method as recited in claim [[1]] 2, wherein communication between said first device and said server is performed in a wireless manner.

Claim 20 (currently amended) The system as recited in claim [[7]] 8, wherein communication between said first device and said server is performed in a wireless manner.

Claim 21 (currently amended) The computer program product as recited in claim [[13]] 14, wherein communication between said first device and said server is performed in a wireless manner.

Claim 22 (currently amended) The computer program product as recited in claim [[17]] 18, wherein communication between said first device and said server is performed in a wireless manner.